Android file manager apps infect thousands with Sharkbot malware

Topic

New Reply

https://www.bleepingcomputer.com/news/security/android-file-manager-apps-infect-thousands-with-sharkbot-malware/

A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan.

The apps do not carry the malicious payload upon installation to evade detection when submitted on Google Play but instead fetch it later from a remote resource.

Because the trojan apps are file managers, it’s less likely to raise suspicions when requesting dangerous permissions for loading the Sharkbot malware…

Sharkbot is a dangerous malware that attempts to steal online bank accounts by displaying fake login forms over legitimate login prompts in banking apps. When a user attempts to log in to their bank using one of these fake forms, the credentials are stolen and sent to the threat actors.

The malware has constantly been evolving, appearing on the Play Store under various guises or loaded from trojan apps.

In a new report by Bitdefender, analysts discovered the new Android trojan apps disguised as file managers and reported them to Google. All of them have since been removed from the Google Play Store…

The list of mobile bank apps targeted by the malware is displayed below, but as Bitdefender notes, the threat actors can remotely update this list anytime…

Reply | Quote